<?php
	session_start();
	include("load-settings.php");

	if(!isset($_SESSION['user']))
		header("Location: login.php");

	$user = $_SESSION['user'];

	$result = mysql_query("SELECT * FROM user WHERE id = $user");
	$row = mysql_fetch_array($result);
	$access = $row['type'];

	if($access != 2 && $access != 3)
		header("Location: home.php");

	$order = mysql_real_escape_string($_POST['order']);
	$message = mysql_real_escape_string($_POST['message']);

	if(strpos($_SERVER['HTTP_REFERER'], "order.php") !== false)
	{
		$order_result = mysql_query("SELECT * FROM order_record WHERE id = $order");
		$order_row = mysql_fetch_array($order_result);
	}
	if(strpos($_SERVER['HTTP_REFERER'], "duo_order.php") !== false)
	{
		$order_result = mysql_query("SELECT * FROM duo_order WHERE id = $order");
		$order_row = mysql_fetch_array($order_result);
	}
	if(strpos($_SERVER['HTTP_REFERER'], "leveling_order.php") !== false)
	{
		$order_result = mysql_query("SELECT * FROM leveling_order WHERE id = $order");
		$order_row = mysql_fetch_array($order_result);
	}
	if(strpos($_SERVER['HTTP_REFERER'], "referral_order.php") !== false)
	{
		$order_result = mysql_query("SELECT * FROM referral_order WHERE id = $order");
		$order_row = mysql_fetch_array($order_result);
	}

	$message_result = mysql_query("SELECT * FROM email_notification WHERE id = $message");
	$message_row = mysql_fetch_array($message_result);
		
	$result = mysql_query("SELECT * FROM user WHERE id = ".$order_row['user']);
	$row = mysql_fetch_array($result);
	$to = $row['paypal'];
	$subject = 'ELO Edge Boosting';
	$message = str_replace('\n', '\r\n', $message_row['message']);
	$headers = 'From: noreply@eloedge.com' . "\r\n" .
		'Reply-To: noreply@eloedge.com' . "\r\n" .
		'X-Mailer: PHP/' . phpversion();

	mail($to, $subject, $message, $headers);

	header("Location: ".$_SERVER['HTTP_REFERER']);
	
?>